Starting on June 11, 2026, the Arch User Repository (AUR) was targeted by malware which rapidly compromised over 1,500 packages. The AUR repository allows for abandoned community packages to be taken ...

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...

A new backdoor dubbed Mistic has been observed in financially motivated attacks targeting organizations in the insurance, ...

CVE-2026-48907 in the Joomla JCE plugin lets unauthenticated attackers drop PHP web shells with a single crafted request.

Developers on edge: React exploit exposed Posted: 1 June 2026 | Last updated: 1 June 2026 The React.js framework is reeling from the discovery of a critical vulnerability, CVE-2025-55182, that poses ...

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other sensitive data.

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...

As the Village Voice’s Lisa Jones discovered when she went to Florida to cover the trial, teenage girls had a fairly blasé ...

Z.ai pitches GLM-5.2 for long-running software engineering tasks The open-source model combines a one-million-token context window with architectural updates aimed at lowering the cost of ...

Vulnerabilities & Threats Insider Threats Cyberattacks & Data Breaches In Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw The flaw enables server-side request forgery (SSRF) and escalates ...